WPB-2970 Update dependencies, cleanup, add unit test #25

Merged
merged 19 commits into from
Mar 14, 2024
Merged
Changes from 15 commits
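--- a/.envrc
+++ b/.envrc
@@ -0,0 +1 @@
+use nix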
6 changes: 3 additions & 3 deletions .github/workflows/ci.yml
Expand Up @@ -14,9 +14,9 @@ jobs:
runs-on: ubuntu-18.04
strategy:
matrix:
cabal: ["2.4"]
cabal: ["3.10"]
ghc:
- "8.8.3"
- "9.4.8"
if: "!startsWith(github.ref, 'refs/tags/v')"

steps:
Expand All @@ -42,7 +42,7 @@ jobs:

- name: Test
run: |
echo 'No tests'
cabal v2-test --test-show-details=always --test-option=--color

publish:
# needs : build
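Review bot: `runs-on: ubuntu-18.04` is left untouched as context in the first hunk while the toolchain moves to cabal 3.10 and GHC 9.4.8. GitHub retired its hosted ubuntu-18.04 image in 2023, so unless that label is served by a self-hosted runner the job may never be scheduled, and the newly enabled `cabal v2-test --test-show-details=always --test-option=--color` step would not actually gate anything. Consider `runs-on: ubuntu-22.04` in the same change. The job definition starts and continues outside the visible hunks, so whether the setup actions are pinned to a commit cannot be checked from here.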
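--- a/.gitignore
+++ b/.gitignore
@@ -52,3 +52,6 @@ TAGS
 
 # other
 .DS_Store
+
+# nix
+.direnv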
3 changes: 2 additions & 1 deletion Dockerfile
@@ -1,9 +1,10 @@
FROM haskell:8.10.7-buster
FROM haskell:9.4.8-buster

WORKDIR /opt/ldap-scim-bridge

# Add just the .cabal file to capture dependencies
COPY ./ldap-scim-bridge.cabal /opt/ldap-scim-bridge/ldap-scim-bridge.cabal
COPY ./cabal.project /opt/ldap-scim-bridge/cabal.project

RUN cabal v2-update

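Review bot: The new base `FROM haskell:9.4.8-buster` is referenced by a mutable tag only, so a rebuild can silently pick up different image content. buster (Debian 10) is, as far as I know, already out of regular Debian security support, which matters if this image is also the runtime image. Pinning the digest keeps builds reproducible and makes base-image bumps visible in review, e.g. `FROM haskell:9.4.8-buster@sha256:<digest-of-the-reviewed-image>` (placeholder, fill in from the registry). With `cabal.project` now copied in, the dependency step will presumably also clone the git-sourced tinylog package, so that layer needs git and network access; the rest of the Dockerfile lies outside the hunk.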
6 changes: 6 additions & 0 deletions cabal.project
@@ -0,0 +1,6 @@
source-repository-package
type: git
location: https://gitlab.com/leif.battermann/tinylog.git
Contributor


would be nice to have a link to the upstream PR here so it's easier to check whether we can bump this (not urgent).

tag: c570eaec033766b49ed394feb9638bfc0bd247e2

packages: ldap-scim-bridge.cabal
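Review bot: The `location:` points at a fork in a personal GitLab namespace, so every build depends on that account and repository staying available. The only integrity anchor is the commit id in `tag:`. Pinning the full 40-character commit rather than a branch or tag name is the right choice and should be preserved on future bumps; a comment above the stanza such as `-- pinned to a full commit id on purpose; do not replace with a branch name` would make that explicit. Consider mirroring the fork into a namespace the project controls so that a deleted or renamed personal repository cannot break or redirect the build.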
46 changes: 24 additions & 22 deletions examples/wire-server/run.sh
Expand Up @@ -28,9 +28,10 @@ export WIRE_TEAMID
export SCIM_TOKEN
export SCIM_TOKEN_ID
export SCIM_TOKEN_FULL
export WIRE_SERVER_PATH=~/src/wire-server
export WIRE_SAMLIDP
export WIRE_SERVER_PATH="${WIRE_SERVER_PATH:=~/src/wire-server}"
export SPAR_URL=http://localhost:8088
export BRIG_URL=http://localhost:8088
export BRIG_URL=http://localhost:8082
export GALLEY_URL=http://localhost:8085

function install() {
Expand Down Expand Up @@ -62,23 +63,23 @@ function scaffolding2() {

function scaffolding_spar() {
if ( curl -s $BRIG_URL/i/status ); then
WIRE_USER=$(${WIRE_SERVER_PATH}/deploy/services-demo/create_test_team_admins.sh -c)
WIRE_USERID=$(echo $WIRE_USER | sed 's/^\([^,]\+\),\([^,]\+\),\([^,]\+\)$/\1/')
WIRE_PASSWD=$(echo $WIRE_USER | sed 's/^\([^,]\+\),\([^,]\+\),\([^,]\+\)$/\3/')
WIRE_TEAMID=$(curl -s -H'content-type: application/json' -H'Z-User: '"${WIRE_USERID}" http://localhost:8082/self | jq .team | xargs echo)
WIRE_USER=$("${WIRE_SERVER_PATH}"/hack/bin/create_test_team_admins.sh -c)
WIRE_USERID=$(echo "$WIRE_USER" | sed 's/^\([^,]\+\),\([^,]\+\),\([^,]\+\)$/\1/')
WIRE_PASSWD=$(echo "$WIRE_USER" | sed 's/^\([^,]\+\),\([^,]\+\),\([^,]\+\)$/\3/')
WIRE_TEAMID=$(curl -s -H'content-type: application/json' -H'Z-User: '"${WIRE_USERID}" "$BRIG_URL/self" | jq .team | xargs echo)

# create a saml idp (if we don't, users will not be created, but invitated, which would make the following more awkward to write down).
curl -s -X PUT \
--header "Z-User: $WIRE_USERID" \
--header 'Content-Type: application/json;charset=utf-8' \
-d '{"status": "enabled"}' \
${GALLEY_URL}/i/teams/$WIRE_TEAMID/features/sso >/dev/null
export WIRE_SAMLIDP=$(curl -X POST \
${GALLEY_URL}/i/teams/"$WIRE_TEAMID"/features/sso >/dev/null
WIRE_SAMLIDP=$(curl -X POST \
--header "Z-User: $WIRE_USERID" \
--header 'Content-Type: application/xml;charset=utf-8' \
-d "<EntityDescriptor xmlns:samlp=\"urn:oasis:names:tc:SAML:2.0:protocol\" xmlns:samla=\"urn:oasis:names:tc:SAML:2.0:assertion\" xmlns:samlm=\"urn:oasis:names:tc:SAML:2.0:metadata\" xmlns:ds=\"http://www.w3.org/2000/09/xmldsig#\" ID=\"_0c29ba62-a541-11e8-8042-873ef87bdcba\" entityID=\"https://issuer.net/_"`uuid`"\" xmlns=\"urn:oasis:names:tc:SAML:2.0:metadata\"><IDPSSODescriptor protocolSupportEnumeration=\"urn:oasis:names:tc:SAML:2.0:protocol\"><KeyDescriptor use=\"signing\"><ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIIBOTCBxKADAgECAg4TIFmNatMeqaAE8BWQBTANBgkqhkiG9w0BAQsFADAAMB4XDTIxMDkwMzEzMjUyMVoXDTQxMDgyOTEzMjUyMVowADB6MA0GCSqGSIb3DQEBAQUAA2kAMGYCYQDPAqTk/nq2B/J0WH2FtiRh6nB8BvOc6M7d4K2KV0kXrePjeRPh+cDDf9mYrpntnjBa2LGAc0S4gjUXdvnt1Fxg2YYXYJ+N7+jxV36jUng7cGz1tEOB5RIj28Mv8/eXnjUCAREwDQYJKoZIhvcNAQELBQADYQBaIWDz832gg5jZPIy5z0CV1rWbUQALy6SUodWMezbzVF86hycUvZqAzd5Pir8084Mk/6FQK2Hbbml2LaHS8JnZpYxlgNIRNNonzScAUFclDi4NNmcxPuB6ycu9kK/0l+A=</ds:X509Certificate></ds:X509Data></ds:KeyInfo></KeyDescriptor><SingleSignOnService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST\" Location=\"https://requri.net/fb9e3c14-25eb-482a-8df3-c71e3e83110b\"/></IDPSSODescriptor></EntityDescriptor>" \
-d "<EntityDescriptor xmlns:samlp=\"urn:oasis:names:tc:SAML:2.0:protocol\" xmlns:samla=\"urn:oasis:names:tc:SAML:2.0:assertion\" xmlns:samlm=\"urn:oasis:names:tc:SAML:2.0:metadata\" xmlns:ds=\"http://www.w3.org/2000/09/xmldsig#\" ID=\"_0c29ba62-a541-11e8-8042-873ef87bdcba\" entityID=\"https://issuer.net/_$(uuidgen)\" xmlns=\"urn:oasis:names:tc:SAML:2.0:metadata\"><IDPSSODescriptor protocolSupportEnumeration=\"urn:oasis:names:tc:SAML:2.0:protocol\"><KeyDescriptor use=\"signing\"><ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIIBOTCBxKADAgECAg4TIFmNatMeqaAE8BWQBTANBgkqhkiG9w0BAQsFADAAMB4XDTIxMDkwMzEzMjUyMVoXDTQxMDgyOTEzMjUyMVowADB6MA0GCSqGSIb3DQEBAQUAA2kAMGYCYQDPAqTk/nq2B/J0WH2FtiRh6nB8BvOc6M7d4K2KV0kXrePjeRPh+cDDf9mYrpntnjBa2LGAc0S4gjUXdvnt1Fxg2YYXYJ+N7+jxV36jUng7cGz1tEOB5RIj28Mv8/eXnjUCAREwDQYJKoZIhvcNAQELBQADYQBaIWDz832gg5jZPIy5z0CV1rWbUQALy6SUodWMezbzVF86hycUvZqAzd5Pir8084Mk/6FQK2Hbbml2LaHS8JnZpYxlgNIRNNonzScAUFclDi4NNmcxPuB6ycu9kK/0l+A=</ds:X509Certificate></ds:X509Data></ds:KeyInfo></KeyDescriptor><SingleSignOnService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST\" Location=\"https://requri.net/fb9e3c14-25eb-482a-8df3-c71e3e83110b\"/></IDPSSODescriptor></EntityDescriptor>" \
${SPAR_URL}/identity-providers | jq .)
if [ "$(echo $WIRE_SAMLIDP | jq .id)" == "null" ]; then
if [ "$(echo "$WIRE_SAMLIDP" | jq .id)" == "null" ]; then
echo "could not create idp: $WIRE_SAMLIDP"
false
fi
Expand All @@ -87,24 +88,25 @@ function scaffolding_spar() {
SCIM_TOKEN_FULL=$(curl -X POST \
--header "Z-User: $WIRE_USERID" \
--header 'Content-Type: application/json;charset=utf-8' \
-d '{ "description": "test '"`date`"'", "password": "'"$WIRE_PASSWD"'" }' \
-d '{ "description": "test '"$(date)"'", "password": "'"$WIRE_PASSWD"'" }' \
${SPAR_URL}/scim/auth-tokens)
SCIM_TOKEN_ID=$(echo $SCIM_TOKEN_FULL | jq -r .info.id)
SCIM_TOKEN=$(echo $SCIM_TOKEN_FULL | jq -r .token)
ESCAPED_SCIM_TOKEN=$(echo $SCIM_TOKEN | sed 's/\+/\\\+/g;s_/_\\/_g;s/\=/\\=/g')
SCIM_TOKEN_ID=$(echo "$SCIM_TOKEN_FULL" | jq -r .info.id)
SCIM_TOKEN=$(echo "$SCIM_TOKEN_FULL" | jq -r .token)
ESCAPED_SCIM_TOKEN=$(echo "$SCIM_TOKEN" | sed 's/\+/\\\+/g;s_/_\\/_g;s/\=/\\=/g')
sed -i 's/^ token: \"Bearer .*$/ token: \"Bearer '"${ESCAPED_SCIM_TOKEN}"'"/' $BRIDGE_CONF1
sed -i 's/^ token: \"Bearer .*$/ token: \"Bearer '"${ESCAPED_SCIM_TOKEN}"'"/' $BRIDGE_CONF2
else
# no wire-server running?
echo "${WIRE_SERVER_PATH}/deploy/dockerephemeral/run.sh"
echo "${WIRE_SERVER_PATH}/services/start-services-only.sh"
echo "start wire service by going to the wire-server directory and running:"
echo "./deploy/dockerephemeral/run.sh"
echo "make cr"
false
fi
}

function assert_num_members() {
sleep 2 # mitigate race conditions (increase the time if this function fails)
if [ "$(curl -s -H'content-type: application/json' -H'Z-User: '"${WIRE_USERID}" http://localhost:8085/teams/${WIRE_TEAMID}/members | jq '.members|length')" != "$1" ]; then
if [ "$(curl -s -H'content-type: application/json' -H'Z-User: '"${WIRE_USERID}" http://localhost:8085/teams/"${WIRE_TEAMID}"/members | jq '.members|length')" != "$1" ]; then
echo "$2"
false
fi
Expand All @@ -116,16 +118,16 @@ function assert_num_members() {
clear

scaffolding_spar
echo WIRE_USERID: $WIRE_USERID
echo WIRE_TEAMID: $WIRE_TEAMID
echo SCIM_TOKEN: $SCIM_TOKEN
echo WIRE_USERID: "$WIRE_USERID"
echo WIRE_TEAMID: "$WIRE_TEAMID"
echo SCIM_TOKEN: "$SCIM_TOKEN"

scaffolding1
sudo slapcat
cabal run ldap-scim-bridge $BRIDGE_CONF1
cabal run ldap-scim-bridge "$BRIDGE_CONF1"
assert_num_members 2 "user could not be created!"

scaffolding2
sudo slapcat
cabal run ldap-scim-bridge $BRIDGE_CONF2
cabal run ldap-scim-bridge "$BRIDGE_CONF2"
assert_num_members 1 "user could not be deleted!"
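Review bot: In `export WIRE_SERVER_PATH="${WIRE_SERVER_PATH:=~/src/wire-server}"` the default sits inside double quotes, where bash, as far as I can tell, does not perform tilde expansion. With the variable unset the value would then stay a literal `~/src/wire-server`, and `"${WIRE_SERVER_PATH}"/hack/bin/create_test_team_admins.sh` would not resolve; `export WIRE_SERVER_PATH="${WIRE_SERVER_PATH:=$HOME/src/wire-server}"` avoids the question. Separately, `echo SCIM_TOKEN: "$SCIM_TOKEN"` still prints a live bearer token to the terminal, so a comment above it such as `# demo only: prints a live SCIM bearer token, use throwaway local instances` would help, or the token could be dropped from the output. The quoting pass is also incomplete: `$BRIDGE_CONF1` and `$BRIDGE_CONF2` remain unquoted in the two `sed -i` lines, and `assert_num_members` still hard-codes `http://localhost:8085` instead of using `"$GALLEY_URL"`.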
237 changes: 127 additions & 110 deletions ldap-scim-bridge.cabal
@@ -1,121 +1,138 @@
cabal-version: 2.4
name: ldap-scim-bridge
version: 0.8
synopsis: See README for synopsis
description: See README for description
homepage: https://github.com/wireapp/ldap-scim-bridge
bug-reports: https://github.com/wireapp/ldap-scim-bridge/issues
license: AGPL-3.0-or-later
license-file: LICENSE
author: Matthias Fischmann
maintainer: Matthias Fischmann <[email protected]>
copyright: (c) 2021 wire.com
category: System
build-type: Simple
extra-doc-files: README.md
CHANGELOG.md
extra-source-files: examples/wire-server/run.sh
examples/wire-server/conf1.yaml
examples/wire-server/conf2.yaml
examples/wire-server/runlog
tested-with: GHC == 8.8.3
cabal-version: 2.4
name: ldap-scim-bridge
version: 0.8
synopsis: See README for synopsis
description: See README for description
homepage: https://github.com/wireapp/ldap-scim-bridge
bug-reports: https://github.com/wireapp/ldap-scim-bridge/issues
license: AGPL-3.0-or-later
license-file: LICENSE
author: Matthias Fischmann
maintainer: Matthias Fischmann <[email protected]>
copyright: (c) 2021 wire.com
category: System
build-type: Simple
extra-doc-files:
CHANGELOG.md
README.md

extra-source-files:
examples/wire-server/conf1.yaml
examples/wire-server/conf2.yaml
examples/wire-server/run.sh
examples/wire-server/runlog

tested-with: GHC ==8.8.3

source-repository head
type: git
location: https://github.com/wireapp/ldap-scim-bridge.git
type: git
location: https://github.com/wireapp/ldap-scim-bridge.git

common common-options
build-depends: base >=4.13 && <4.15
, relude
, hscim >=0.3.6 && <0.4
, ldap-client >=0.4.1 && <0.5
, network >=3.1.1.1 && <3.2
, text >=1.2.4.1 && <1.3
, yaml >=0.11.5.0 && <0.12
, aeson >=1.4.7.1 && <1.5
, aeson-pretty >=0.8.8 && <0.9
, containers >=0.6.2.1 && <0.7
, bytestring >=0.10.12 && <0.11
, email-validate >=2.3.2.13 && <2.4
, string-conversions >=0.4.0.1 && <0.5
, servant-client >=0.18.3 && <0.19
, unordered-containers >= 0.2.14.0 && <0.3
, servant-client-core >=0.18.3 && <0.19
, servant >=0.18.3 && <0.19
, http-types >=0.12.3 && <0.13
, string-conversions >=0.4.0.1 && <0.5
, http-client >=0.7.8 && <0.8
, http-client-tls >=0.3.5 && <0.4
, tinylog >=0.15 && <0.16
build-depends:
, aeson >=2.1.2 && <2.2
, aeson-pretty >=0.8.10 && <0.9
, base >=4.17.2 && <4.18
, bytestring >=0.11.5 && <0.12
, containers >=0.6.7 && <0.7
, email-validate >=2.3.2 && <2.4
, hscim >=0.4.0.2 && <0.5
, http-client >=0.7.16 && <0.8
, http-client-tls >=0.3.6 && <0.4
, http-types >=0.12.4 && <0.13
, ldap-client >=0.4.2 && <0.5
, network >=3.1.4 && <3.2
, relude >=1.2.1 && <1.3
, servant >=0.19.1 && <0.20
, servant-client >=0.19 && <0.20
, servant-client-core >=0.19 && <0.20
, string-conversions >=0.4.0 && <0.5
, text >=2.0.2 && <2.1
, tinylog >=0.15.0 && <0.16
, unordered-containers >=0.2.20 && <0.3
, yaml >=0.11.11 && <0.12

mixins: base hiding (Prelude)
, relude (Relude as Prelude)
mixins:
base hiding (Prelude),
relude (Relude as Prelude)

ghc-options: -Wall
-Wcompat
-Widentities
-Wincomplete-uni-patterns
-Wincomplete-record-updates
if impl(ghc >= 8.0)
ghc-options: -Wredundant-constraints
if impl(ghc >= 8.2)
ghc-options: -fhide-source-paths
if impl(ghc >= 8.4)
ghc-options: -Wmissing-export-lists
-Wpartial-fields
if impl(ghc >= 8.8)
ghc-options: -Wmissing-deriving-strategies
ghc-options:
-O2 -Wall -Wcompat -Widentities -Wincomplete-uni-patterns
-Wincomplete-record-updates -Wpartial-fields -fwarn-tabs
-optP-Wno-nonportable-include-path -Wredundant-constraints
-fhide-source-paths -Wmissing-export-lists -Wpartial-fields
-Wmissing-deriving-strategies

default-language: Haskell2010
default-extensions: AllowAmbiguousTypes
BangPatterns
ConstraintKinds
DataKinds
DefaultSignatures
DeriveFunctor
DeriveGeneric
DeriveLift
DeriveTraversable
DerivingStrategies
EmptyCase
FlexibleContexts
FlexibleInstances
FunctionalDependencies
GADTs
InstanceSigs
KindSignatures
LambdaCase
MultiParamTypeClasses
MultiWayIf
NamedFieldPuns
OverloadedStrings
PackageImports
PatternSynonyms
PolyKinds
QuasiQuotes
RankNTypes
RecordWildCards
ScopedTypeVariables
StandaloneDeriving
TemplateHaskell
TupleSections
TypeApplications
TypeFamilies
TypeFamilyDependencies
TypeOperators
UndecidableInstances
ViewPatterns
default-language: Haskell2010
default-extensions:
AllowAmbiguousTypes
BangPatterns
ConstraintKinds
DataKinds
DefaultSignatures
DeriveFunctor
DeriveGeneric
DeriveLift
DeriveTraversable
DerivingStrategies
DerivingVia
EmptyCase
FlexibleContexts
FlexibleInstances
FunctionalDependencies
GADTs
InstanceSigs
KindSignatures
LambdaCase
MultiParamTypeClasses
MultiWayIf
NamedFieldPuns
NoImplicitPrelude
OverloadedStrings
PackageImports
PatternSynonyms
PolyKinds
QuasiQuotes
RankNTypes
RecordWildCards
ScopedTypeVariables
StandaloneDeriving
TemplateHaskell
TupleSections
TypeApplications
TypeFamilies
TypeFamilyDependencies
TypeOperators
UndecidableInstances
ViewPatterns

library
import: common-options
hs-source-dirs: src
exposed-modules: LdapScimBridge
import: common-options
hs-source-dirs: src
exposed-modules: LdapScimBridge

executable ldap-scim-bridge
import: common-options
hs-source-dirs: app
main-is: Main.hs
build-depends: ldap-scim-bridge
ghc-options: -threaded
-rtsopts
-with-rtsopts=-N
import: common-options
hs-source-dirs: app
main-is: Main.hs
build-depends: ldap-scim-bridge
ghc-options: -threaded -rtsopts -with-rtsopts=-N

test-suite ldap-scim-bridge-test
main-is: Spec.hs
type: exitcode-stdio-1.0
build-depends:
, base
, bytestring >=0.11.5 && <0.12
, email-validate >=2.3.2 && <2.4
, hscim >=0.4.0.2 && <0.5
, hspec
, ldap-client >=0.4.2 && <0.5
, ldap-scim-bridge
, QuickCheck
, string-conversions
, text >=2.0.2 && <2.1
, yaml >=0.11.11 && <0.12

hs-source-dirs: test
default-language: Haskell2010
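Review bot: `tested-with: GHC ==8.8.3` is kept on the new side although `base >=4.17.2 && <4.18` restricts the package to the GHC 9.4 series and the CI matrix in this PR moves to 9.4.8. The field therefore advertises a compiler that can no longer satisfy the bounds; `tested-with: GHC ==9.4.8` would match. In the merged `ghc-options` block `-Wpartial-fields` is listed twice. The new `test-suite ldap-scim-bridge-test` stanza does not `import: common-options`, so the test code is built without `-Wall` and the shared default extensions; if that is deliberate, a one-line comment in the stanza saying so would help the next maintainer.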